Making a Poll in PHP from Scratch: Part 1

There are plenty of ready-made Internet polls out there, particularly if you are using a framework for your site such as Wordpress, vBulletin, or Joomla/Drupal. But occasionally it is worthwhile to create your own from scratch, whether for learning or to simply fulfill specific features you need in your application. In this series of posts, that is exactly what we will create - a homemade PHP/MySQL voting page. You should be then able to modify this code for your specific needs.

First, let's talk about the inherent flaws in Internet voting. In the most basic form, an Internet poll is just a choice a person makes on a page that is stored in the database. Without any checks, a person could just refresh the page and vote over and over again. Or, worse, they could employ a script of their own that does this automatically. You could potentially register millions of votes this way, given enough time. So what checks and balances do we have? There are three main options.

User Login

A user login system is the most secure of your options, especially if the accounts are linked to a unique email address. If you are using a system like Wordpress or Drupal, then it is trivial to store the userid of the voter in the database as well. Do you want to use this option with your poll? If the user is already logging in for other reasons, then this is probably fine. Making a user register just to vote in a poll brings the convenience factor way down, most likely deterring most people. Plus, is it really worth it? If a user has the time and inclination, they can simply register over and over again, especially if they have their own domain or email server from which to pull infinite accounts. You could employ some IP-checking with your account checks to make sure they are unique, but then it just becomes an arms race. This option is too burdernsome for us to use in this project.

Cookies

We could use cookies set on a person's machine to determine whether they've voted or not, but all it takes is a browser switch, cleared cache, or a privacy mode and suddenly our checking goes right out the window. This option is almost too simple for the user to overcome.

IP Address

The last major option is an IP address check. There are several flaws with this method, like the others, but we can overcome a few of them more easily. First, IP addresses are not a one-address-to-one-person mapping. The system can go either way, in fact. You can have multiple IPs for a single person, if they have multiple systems, a cellphone, so on. You can also have multiple people for an IP, in the case of a corporate network. You could have 10,000 people registering as a single IP. But these are problems we can find workarounds for. We'll use IP checking in conjuction with a few tricks as our authentication method.

Database Structure: Your Favorite Fruit

For this poll, I'm creating two different database tables, mypoll and mypolltally. The first table will contain all of the choices in our poll and the second the individual votes. This means that we can only have a single poll at a time, but this is a trivial matter in the future to extend (we would simply add another column to mypoll, pollid, containing a unique identifier. Then we would just need a column in mypolltally to store the pollid of each vote).

The Fields

id: A unique identifier for records in the table. When we register a vote in mypolltally, we'll need to know which option we are voting for. We'll use this value to do so.

choice: The text for each option. Our poll question is "What is your favorite fruit?", so here we lay out the choices such as

banana, apple, and orange.

mypolltally:

id: A unique identifier for each vote in the system.

isvotefor: This field points identifies which option in mypoll that this vote is selecting.

ipaddress:The IP address of the voter.

value:We can extend our features a little by having this field. Instead of simply registering a "Yes" for a particular option, we can register a range. We can then allow people to indicate how much they like the option. Perhaps a 1 value is a little, a 5 value is a lot, and anything negative means they do not like it. For now, a value of 1 will just mean yes but later we'll extend it for enhanced voting.

That's enough of the theory for now. In the next part of the series we'll launch into the actual PHP code and finish up with the basic functionality. In Part 3 we'll extend our code to allow for more features.

Ryan

Ryan manages blog content at iD Tech, starting with the company in 2008. He earned his MBA from Santa Clara University after obtaining his Bachelor’s degree from Arizona State. Connect on LinkedIn!

Our website uses cookies, which are necessary and required to achieve the purposes set out in our privacy policy. If you want to know more, you can refer to our
Privacy Policy. By clicking the “Continue” button, closing this banner or continuing to browse, you are agreeing to the use of cookies.